| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Jul 2007 18:27:34 +0200 (CEST) From: Daniël Mantione <daniel.mantione@...epascal.org> To: Dmitry Torokhov <dmitry.torokhov@...il.com> cc: linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: Keyboard programming needs root Op Thu, 19 Jul 2007, schreef Dmitry Torokhov: > Hi Daniel, > > On 7/14/07, Daniel Mantione <daniel.mantione@...epascal.org> wrote: > > Hello, > > > > A while back a patch was merged to make that only root can program the > > keyboard: > > > > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0b360adbdb54d5b98b78d57ba0916bc4b8871968 > > > > Is this patch discussable? I think this patch isn't proper because of the > > following reasons: > > > > * Users can play games in many ways. They can configure the terminal > > settings, (remove the automatic line feed, disable the echo etc). They > > can > > load console fonts. They can still put the keyboard in raw mode, etc. > > Keyboard raw mode or disabling line echo may be annoying but you > really don't want someone leaving box after binding "rm -rf /" to a > backspace key... As I said, the proper solution to this problem is to restore the keyboard in a known state after logout. There is no need for the kernel to change behaviour. Many operating systems allow changing keyboard layout and can because there is no need for it to be insecure. However, I can agree that in some cases, as per system policy, administrators mays want to prevent this. > > * All of these games can be prevented by making mingetty (or whatever > > getty is used) or PAM can put the console into a known state after > > logout. > > * All of these games are annoyances, system security is not > > compromised. > > * I do not see a problem with for example a French user doing a "loadkeys > > fr" if that allows hims to use the computer easier. > > > > Worst issue for me though, is that KDSBENT is needed to be able to catch > > keys like shift+tab, alt+fx, escape without delay. My application > > suddenly > > needs root permissions to work properly. > > Yes, if your application mucks with the console it has to be trusted... That is not really constructive: I don't want to muck with the console, I a working keyboard. Linux just just requires you to muck with the console if you want a working keyboard. Many applications, Midnight Commander to name one, work around Linux console limitations (try ctrl+arrows, works as expected despite not supported by Linux). Now if you force applications to work around limitations, you have a certain responsibility not to break them. > > The alternative, semi raw mode, > > has the disadvantage that you need to implement your own keymaps (like > > X). > > In short, this change breaks applications. > > > > You may also try reading data directly from evdev devices... They are > normally privileged as well but usually user logged on console is > given access to them. evdev has the same problem as medium/full raw mode: You need your own keyboard maps. This makes this solution not very practical. To make this discussion productive, I want to work towards a solution. I don't mind how I can make the keyboard work as it should, I just want it work. Think of the needs of a user interface, you walk through controls using tab and shift+tab, put common commands under the function keys and shift/control/alt combinations. Cursor control in an editor is done with the navigation pad on your keyboard: arrows, home/end/pgup/pgdown, plus shift/control/alt combinations with them. That is all, nothing fancy. Could the kernel support a way to do this? Greetings, Daniël Mantione
Powered by blists - more mailing lists